3946 matches found

CNNVD
added 2025/02/12 12:0 a.m. · 2 views

Q-Free MAXTIME Suite SQL Injection Vulnerability

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. A SQL injection vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions, which stems from the editUserGroupMenu endpoint in maxprofile/menu/model.lua that does not properly handle user...

7.6 CVSS · 8.1 AI score · 0.00617 EPSS
Exploits 0 · References 1
NVD
added 2025/02/11 2:15 a.m. · 7 views

CVE-2025-1166

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

8.8 CVSS · 0.00472 EPSS
Exploits 1 · References 5
OSV
added 2025/02/11 2:15 a.m. · 3 views

CVE-2025-1166

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

8.8 CVSS · 5.4 AI score · 0.00472 EPSS
Exploits 1 · References 5
Cvelist
added 2025/02/11 1:0 a.m. · 10 views

CVE-2025-1166 SourceCodester Food Menu Manager update.php unrestricted upload

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

6.5 CVSS · 0.00472 EPSS
Exploits 1 · References 5
Vulnrichment
added 2025/02/11 1:0 a.m. · 12 views

CVE-2025-1166 SourceCodester Food Menu Manager update.php unrestricted upload

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

6.5 CVSS · 6.5 AI score · 0.00472 EPSS
Exploits 1 · References 5
CVE
added 2025/02/11 1:0 a.m. · 62 views

CVE-2025-1166

CVE-2025-1166 applies to SourceCodester Food Menu Manager 1.0. The vulnerability is in the file endpoint/update.php, enabling unrestricted file uploads and allowing remote exploitation. Impact is described as critical in multiple sources, with potential for arbitrary uploaded content and impact o...

8.8 CVSS · 6.4 AI score · 0.00472 EPSS
Exploits 1 · References 5 · Affected Software 1
CNNVD
added 2025/02/11 12:0 a.m. · 3 views

SourceCodester Food Menu Manager Code Issue Vulnerability

SourceCodester Food Menu Manager is a Sourcecodester open source food menu manager. A code issue vulnerability exists in SourceCodester Food Menu Manager version 1.0, which stems from...

8.8 CVSS · 6.7 AI score · 0.00472 EPSS
Exploits 1 · References 5
Positive Technologies
added 2025/02/11 12:0 a.m. · 4 views

PT-2025-6137 · Sourcecodester · Sourcecodester Food Menu Manager

Name of the Vulnerable Software and Affected Versions: SourceCodester Food Menu Manager version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file "endpoint/update.php". This leads to unrestricted upload. The issue can be exploited...

8.8 CVSS · 6.2 AI score · 0.00472 EPSS
Exploits 1 · References 10
Positive Technologies
added 2025/02/07 12:0 a.m. · 3 views

PT-2025-6839 · Sourcecodester · Sourcecodester Multi Restaurant Table Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Multi Restaurant Table Reservation System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file select-menu.php. The manipulation of the table argument leads to SQL...

8.8 CVSS · 8.1 AI score · 0.00349 EPSS
Exploits 0 · References 12
RedhatCVE
added 2025/02/06 4:20 a.m. · 4 views

CVE-2021-4443

The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions up to, and including, 2.0.6 via the compilersave AJAX action. This makes it possible for unauthenticated attackers to create arbitrary PHP files that can be used to execute malicious code...

9.8 CVSS · 7.3 AI score · 0.00655 EPSS
Exploits 0 · References 5
RedhatCVE
added 2025/02/06 12:51 a.m. · 12 views

CVE-2022-3776

The Restaurant Menu – Food Ordering System – Table Reservation plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on several functions called via AJAX actions such as formsaction, setoption...

8.8 CVSS · 6.4 AI score · 0.00482 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 11:49 p.m. · 9 views

CVE-2022-41934

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on commonly accessible documents including the menu macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki...

9.9 CVSS · 7.3 AI score · 0.01261 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/02/05 12:6 p.m. · 5 views

CVE-2024-52414

Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection. This issue affects WDES Responsive Mobile Menu: from n/a through <= 5.3.18...

9.8 CVSS · 7.2 AI score · 0.00509 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 7:0 a.m. · 6 views

CVE-2024-32553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in looksawesome Superfly Menu superfly-menu. This issue affects Superfly Menu: from n/a through <= 5.0.25...

7.1 CVSS · 5.9 AI score · 0.00514 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 6:7 a.m. · 4 views

CVE-2024-49303

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...

8.5 CVSS · 8.9 AI score · 0.00353 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 5:53 a.m. · 3 views

CVE-2024-49333

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...

8.5 CVSS · 8.9 AI score · 0.00353 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 5:44 a.m. · 2 views

CVE-2024-49300

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows Reflected XSS. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...

7.1 CVSS · 8.6 AI score · 0.00271 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 4:11 a.m. · 2 views

CVE-2024-54282

Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu wp-megamenu allows Object Injection. This issue affects WP Mega Menu: from n/a through <= 1.4.2...

7.2 CVSS · 7.2 AI score · 0.00794 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 4:11 a.m. · 3 views

CVE-2024-54381

Missing Authorization vulnerability in Dotstore Advance Menu Manager advance-menu-manager. This issue affects Advance Menu Manager: from n/a through <= 3.1.1...

7.1 CVSS · 7.2 AI score · 0.00429 EPSS
Exploits 0 · References 1
OSV
added 2025/02/03 4:54 p.m. · 4 views

MAL-2025-836 Malicious code in hubspottoolsmenu (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1 AI score
Exploits 0